Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Feature: add vulnerable dependency #101

Closed

Conversation

e-moreno
Copy link

No description provided.

dependabot bot and others added 9 commits April 30, 2024 09:55
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.20 to 4.17.21.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](lodash/lodash@4.17.20...4.17.21)

---
updated-dependencies:
- dependency-name: lodash
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
…t/lodash-4.17.21

Bump lodash from 4.17.20 to 4.17.21 in /javascript
Bumps [hot-formula-parser](https://github.com/handsontable/formula-parser) from 3.0.0 to 3.0.1.
- [Release notes](https://github.com/handsontable/formula-parser/releases)
- [Changelog](https://github.com/handsontable/formula-parser/blob/develop/.release.json)
- [Commits](handsontable/formula-parser@3.0.0...3.0.1)

---
updated-dependencies:
- dependency-name: hot-formula-parser
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
Update dependabot-metadata.yml
…t/hot-formula-parser-3.0.1

Bump hot-formula-parser from 3.0.0 to 3.0.1 in /javascript
@jeffwidman
Copy link
Member

This is a demo repo, I think you meant to open a PR against a different repo.

@jeffwidman jeffwidman closed this Apr 30, 2024
@jeffwidman
Copy link
Member

Or did you actually mean to open against this repo and improve the demo? If so, please update your PR/commit message accordingly.

@e-moreno
Copy link
Author

e-moreno commented May 2, 2024

Hi, I was opening a PR to my own fork and messed up, sorry 🙏

@jeffwidman
Copy link
Member

No worries, I did that just a few weeks ago myself.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants